Re: Resolving host

Posted: 02 Jan 2016 18:10
by Shark12
24 hours without Avast, no problem ... This morning I turned it on, and just now "Resolving host" popped up ... I turned Avast off right away so that I wouldn't have to restart the PC, and Chrome loaded all pages within a second ... is that enough "proof" that Avast is what's affecting it? ... I'll switch to something else, I'll probably try Avira, if you recommend it :) thanks for the help

Re: Resolving host

Posted: 02 Jan 2016 19:52
by Rudy
Try it. On some configurations the antivirus can behave this way. Then it would be a question for their forum: https://forum.avast.com/index.php?board=30.0 .

Re: Resolving host

Posted: 06 Jan 2016 16:57
by Shark12
Switched to Avira, no problems since then ... Could you also help me with where in Avira's settings I can grant a scanning exception for VLC and Virtual TV? Because the sound or picture tends to freeze occasionally. It's probably down to packet inspection. Thanks for the help

Re: Resolving host

Posted: 06 Jan 2016 18:49
by Rudy
I don't know it exactly off the top of my head, and since I don't have Avira installed, I can't advise. But it is certainly somewhere in the settings. I apologize.

Re: Resolving host

Posted: 10 Jan 2016 20:13
by Shark12
Hello, my problems continue, but no longer with resolving the host. Now I have a problem watching TV on the PC via VLC or Virtual TV. The stream occasionally freezes, as I mentioned above. So I used the program RogueKiller to find the cause, and it found this:

RogueKiller V11.0.6.0 (x64) [Jan 4 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : XXX [Administrator]
Started from : C:\Users\XXX\Downloads\RogueKillerX64.exe
Mode : Scan Aborted -- Date : 01/10/2016 20:05:27

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 140 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST3500413AS ATA Device +++++
--- User ---
[MBR] 9362c00e02b6379861673737e2a8dd5a
[BSP] 677ff67aca8be26be2896926cda0802c : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Can you advise how to fix this, or what to do about it? Thanks

Re: Resolving host

Posted: 10 Jan 2016 20:24
by Rudy
Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the license terms is displayed; continue by clicking the Ano (Yes) button.

feel free to put the kettle on for a coffee (the whole process takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is used)

note: if you use an antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the antispyware's resident component occur.

Re: Resolving host

Posted: 12 Jan 2016 15:01
by Shark12
ComboFix 16-01-07.01 - XXX . 01. 2016 14:50:51.1.6 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.8190.5311 [GMT 1:00]
Running from: c:\users\XXX\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\XXX\AppData\Local\assembly\tmp
c:\users\XXX\AppData\Local\assembly\tmp\DAXHPSG6\__AssemblyInfo__.ini
c:\users\XXX\AppData\Local\assembly\tmp\DAXHPSG6\AddinExpress.MSO.2005.DLL
c:\users\XXX\AppData\Local\assembly\tmp\MNA3DIWC\__AssemblyInfo__.ini
c:\users\XXX\AppData\Local\assembly\tmp\MNA3DIWC\Microsoft.Office.Interop.Word.DLL
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Files Created from 2015-12-12 to 2016-01-12 )))))))))))))))))))))))))))))))
.
.
2016-01-12 13:55 . 2016-01-12 13:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-01-09 22:20 . 2016-01-12 13:28 36608 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-01-09 22:20 . 2016-01-09 22:51 -------- d-----w- c:\programdata\RogueKiller
2016-01-08 14:18 . 2016-01-08 14:18 -------- d-----w- c:\users\XXX\AppData\Local\AntikVirtualSTB
2016-01-08 14:18 . 2016-01-08 14:18 -------- d-----w- c:\program files (x86)\AntikVirtualSTB
2016-01-08 13:29 . 2016-01-08 13:27 386096 ----a-w- c:\windows\system32\aswBoot.exe
2016-01-08 13:28 . 2016-01-08 13:28 -------- d-----w- c:\users\XXX\AppData\Roaming\AVAST Software
2016-01-08 13:28 . 2016-01-08 13:27 155304 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-01-08 13:28 . 2016-01-08 13:28 451040 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-01-08 13:28 . 2016-01-08 13:27 65224 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-01-08 13:28 . 2016-01-08 13:27 273784 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2016-01-08 13:28 . 2016-01-08 13:28 97648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-01-08 13:28 . 2016-01-08 13:27 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-01-08 13:28 . 2016-01-08 13:27 28656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-01-08 13:27 . 2016-01-08 13:27 1055560 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-01-08 13:27 . 2016-01-08 13:27 43112 ----a-w- c:\windows\avastSS.scr
2016-01-08 13:27 . 2016-01-08 13:27 -------- d-----w- c:\program files\AVAST Software
2016-01-07 18:09 . 2015-05-06 15:54 120200 ----a-w- c:\windows\SysWow64\DLLDEV32i.dll
2016-01-02 18:31 . 2016-01-02 18:31 -------- d-----w- c:\windows\system32\appmgmt
2016-01-02 18:29 . 2016-01-02 18:29 -------- d-s---w- c:\windows\SysWow64\Microsoft
2016-01-02 09:24 . 2016-01-02 09:24 -------- d-----w- c:\users\XXX\AppData\Local\CrashDumps
2015-12-30 18:05 . 2015-12-30 18:05 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-12-30 18:05 . 2015-12-30 18:05 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-12-30 18:05 . 2015-12-30 18:05 -------- d-----w- c:\programdata\Malwarebytes
2015-12-30 18:05 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-12-30 18:05 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-12-30 18:05 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-12-29 20:56 . 2016-01-12 13:55 -------- d-----w- c:\users\XXX\AppData\Local\Temp
2015-12-29 18:31 . 2016-01-10 10:17 -------- d-----w- C:\AdwCleaner
2015-12-29 17:58 . 2015-12-29 20:56 -------- d-----w- C:\FRST
2015-12-22 12:05 . 2015-12-09 01:51 111520 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
2015-12-14 10:38 . 2015-12-14 10:38 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-12-14 10:38 . 2015-12-14 10:38 -------- d-----r- c:\program files (x86)\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-01-03 15:33 . 2016-01-03 15:33 1409 ----a-w- c:\windows\Fonts\FSEX300.fot
2015-12-09 01:51 . 2015-10-04 08:39 1530240 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-12-09 01:51 . 2015-10-04 08:39 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-12-09 01:51 . 2015-10-04 08:39 1846016 ----a-w- c:\windows\system32\nvspcap64.dll
2015-12-09 01:51 . 2015-10-04 08:39 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-11-02 22:48 . 2015-11-05 15:13 39240 ----a-w- c:\windows\system32\nvhdap64.dll
2015-11-02 22:48 . 2015-11-05 15:13 205456 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2015-11-02 22:48 . 2015-10-22 20:50 1572496 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-11-02 17:10 . 2015-11-05 15:13 877176 ----a-w- c:\windows\system32\NvFBC64.dll
2015-11-02 17:10 . 2015-11-05 15:13 862000 ----a-w- c:\windows\system32\NvIFR64.dll
2015-11-02 17:10 . 2015-11-05 15:13 689272 ----a-w- c:\windows\SysWow64\NvFBC.dll
2015-11-02 17:10 . 2015-11-05 15:13 673912 ----a-w- c:\windows\SysWow64\NvIFR.dll
2015-11-02 17:10 . 2015-11-05 15:13 468096 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-11-02 17:10 . 2015-11-05 15:13 42913912 ----a-w- c:\windows\system32\nvcompiler.dll
2015-11-02 17:10 . 2015-11-05 15:13 388024 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2015-11-02 17:10 . 2015-11-05 15:13 37882160 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2015-11-02 17:10 . 2015-11-05 15:13 2869880 ----a-w- c:\windows\system32\nvcuvid.dll
2015-11-02 17:10 . 2015-11-05 15:13 2490672 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2015-11-02 17:10 . 2015-11-05 15:13 22308472 ----a-w- c:\windows\system32\nvoglv64.dll
2015-11-02 17:10 . 2015-11-05 15:13 1905456 ----a-w- c:\windows\system32\nvdispco6435887.dll
2015-11-02 17:10 . 2015-11-05 15:13 18361976 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2015-11-02 17:10 . 2015-11-05 15:13 177416 ----a-w- c:\windows\system32\nvinitx.dll
2015-11-02 17:10 . 2015-11-05 15:13 16553376 ----a-w- c:\windows\system32\nvopencl.dll
2015-11-02 17:10 . 2015-11-05 15:13 15717672 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-11-02 17:10 . 2015-11-05 15:13 1564976 ----a-w- c:\windows\system32\nvdispgenco6435887.dll
2015-11-02 17:10 . 2015-11-05 15:13 155792 ----a-w- c:\windows\SysWow64\nvinit.dll
2015-11-02 17:10 . 2015-11-05 15:13 15120736 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-11-02 17:10 . 2015-11-05 15:13 151184 ----a-w- c:\windows\system32\nvoglshim64.dll
2015-11-02 17:10 . 2015-11-05 15:13 14836064 ----a-w- c:\windows\system32\nvcuda.dll
2015-11-02 17:10 . 2015-11-05 15:13 13527248 ----a-w- c:\windows\SysWow64\nvopencl.dll
2015-11-02 17:10 . 2015-11-05 15:13 128696 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2015-11-02 17:10 . 2015-11-05 15:13 12034440 ----a-w- c:\windows\SysWow64\nvcuda.dll
2015-11-02 17:10 . 2015-11-05 15:13 11130672 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2015-11-02 17:10 . 2015-10-22 20:50 17515016 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-11-02 17:10 . 2015-10-22 20:50 12770752 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-11-02 17:10 . 2015-10-22 20:50 3579000 ----a-w- c:\windows\system32\nvapi64.dll
2015-11-02 17:10 . 2015-10-22 20:50 3158736 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-11-02 13:22 . 2015-10-22 20:53 6358648 ----a-w- c:\windows\system32\nvcpl.dll
2015-11-02 13:22 . 2015-10-22 20:53 2983216 ----a-w- c:\windows\system32\nvsvc64.dll
2015-11-02 13:22 . 2015-10-22 20:53 938616 ----a-w- c:\windows\system32\nvvsvc.exe
2015-11-02 13:22 . 2015-10-22 20:53 62584 ----a-w- c:\windows\system32\nvshext.dll
2015-11-02 13:22 . 2015-10-22 20:53 385144 ----a-w- c:\windows\system32\nvmctray.dll
2015-11-02 13:22 . 2015-10-22 20:53 2554672 ----a-w- c:\windows\system32\nvsvcr.dll
2015-11-02 13:16 . 2015-11-05 15:16 102704 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-10-29 00:31 . 2015-10-22 20:53 6027430 ----a-w- c:\windows\system32\nvcoproc.bin
2015-10-23 13:43 . 2015-10-23 13:29 25640 ----a-w- c:\windows\gdrv.sys
2015-10-23 11:49 . 2015-10-23 11:49 608 --sha-w- c:\windows\system32\winzvprt5.sys
2015-10-23 09:32 . 2015-10-23 09:32 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7013C696-D20B-444E-9D79-BB3FC860B31D}\offreg.5544.dll
2015-10-23 09:31 . 2015-10-04 08:47 110176 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-10-16 07:26 . 2015-10-06 13:47 143481208 ----a-w- c:\windows\system32\MRT.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-03-13 7451928]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-12-17 50385536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
"ToolBoxFX"="c:\program files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" [2010-03-03 53248]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-01-08 7021880]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FAH.lnk - c:\program files\WinZip\FAH\FAHConsole.exe [2015-6-16 434352]
WinZip Preloader.lnk - c:\program files\WinZip\WzPreloader.exe [2015-6-16 126176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 HPEWSFXBULK;HPEWSFXBULK;c:\windows\system32\drivers\hpfx64bulk.sys;c:\windows\SYSNATIVE\drivers\hpfx64bulk.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe;c:\windows\SysWOW64\XSrvSetup.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - TrueSight
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-12-16 20:23 1000264 ----a-w- c:\program files (x86)\Google\Chrome\Application\47.0.2526.106\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2015-11-18 16:22 286904 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-01-08 13:27 873304 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-12-09 2771576]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-12-09 1846016]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-10-06 11474024]
"HP LaserJet M1522 MFP Series Fax"="c:\program files (x86)\HP\hp LaserJet M1522\hppfaxprintersrv.exe" [2009-09-22 3700736]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2016-01-12 14:56:19
ComboFix-quarantined-files.txt 2016-01-12 13:56
.
Pre-Run: 421 540 126 720 bytes free
Post-Run: 421 410 934 784 bytes free
.
- - End Of File - - DAF85CC870EE18DE9D6D9ABD565E0A6D
A36C5E4F47E84449FF07ED3517B43A31

Edit: Before running it I got a warning to turn off Avast, to prevent damage to the PC. Should I have left it on? Does that change anything? The stuttering still continues ...

Edit2: I have now run RogueKiller again and it found 182 antirootkit files, mostly chrome.exe ... basically the same as above, from which I conclude that ComboFix did nothing about it ... Should I run it again? With Avast as well?

Edit3: I ran Combo in Safe Mode, and the effect was the same, it did almost nothing ... RogueKiller found IAT:Inl Hook or something like that (those 182 files). Is there a program that gets rid of it without me pulling more viruses onto the PC? What do you have experience with? Or is reinstalling Windows the only option left?
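For reading the driver and service section of a ComboFix log like the one in the post above, here is an added example (not part of the thread and not ComboFix's own code) that parses those lines and lists entries worth a second look. The function names and the review rules are this example's own choices, and reading the leading letter as running/stopped and the digit as the start type is an assumption the page does not state; a listed entry is not thereby malicious.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample: five lines in the shape of the log's driver/service section.
SAMPLE = r"""
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
S0 aswRvrt;avast! Revert; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
"""

# <state><start> <name>;<display name>;<image path>;<same path, native view> [x]
LINE = re.compile(r"^([RS])([0-4]) ([^;]+);([^;]*);(.*?)\s*\[[^\]]*\]\s*$")


def parse_services(text):
    """Return one dict per service/driver line; any other line is skipped."""
    entries = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        state, start, name, display, paths = m.groups()
        entries.append({
            "name": name,
            "display": display,
            "running": state == "R",   # assumption: R = running, S = stopped
            "start": int(start),       # assumption: service start type
            "image": paths.split(";")[0].strip(),
        })
    return entries


def review_reasons(entry, system_drive="c:"):
    """Reasons (this example's rules) why an entry deserves a manual check."""
    image = entry["image"].lower()
    if not image:
        return ["no image path recorded"]
    path = PureWindowsPath(image)
    reasons = []
    if path.drive != system_drive:
        reasons.append("image outside system drive")
    if any(part in ("temp", "tmp") for part in path.parts):
        reasons.append("image in a temp directory")
    return reasons


def triage(text):
    """Map service name -> reasons, only for entries that have any."""
    return {e["name"]: r for e in parse_services(text) if (r := review_reasons(e))}


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE).items():
        print(f"{name}: {', '.join(reasons)}")
```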

Re: Resolving host

Posted: 12 Jan 2016 19:08
by Rudy
Move ComboFix to the desktop. Open Notepad and copy into it:
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the command from the script. What Rogue found are not rootkits. CF would have detected those too. That is why I recommended you run it, so there is no reason to delete anything. On the other hand, CF did find something in the profile (see the deleted items in the log). What you are doing now is only a final clean-up. Your PC is now clean.

Re: Resolving host

Posted: 12 Jan 2016 19:39
by Shark12
I did everything, the problem still persists. Occasional freezing of the TV stream. Should I look for the problem somewhere else? What else could be faulty?

Re: Resolving host

Posted: 12 Jan 2016 19:49
by Rudy
It is not viruses, the PC is clean. What are you playing it in?

Re: Resolving host

Posted: 12 Jan 2016 19:55
by Shark12
1. Antik Virtual Set Top Box - Antik, as the network provider, has its own software with the channels that I normally have available and paid for on a regular TV, plus radio stations.
2. VLC Media Player

... I wondered whether it might be old versions, but Antik updates automatically when the program starts, and my VLC is an older one, since it is the best. And I tried reinstalling them, but that did not help.

Re: Resolving host

Posted: 12 Jan 2016 21:17
by Rudy
As a test, run it in WMP to see whether it stutters there too.

Re: Resolving host

Posted: 12 Jan 2016 23:02
by Shark12
That won't work, I use VLC because of those SAP network streams. WMP doesn't offer that as far as I know ... That's why I use only VLC

Re: Resolving host

Posted: 13 Jan 2016 18:56
by Shark12
It also occurred to me whether this problem might be caused by the old RAM problem we dealt with (http://forum.viry.cz/viewtopic.php?f=66&t=146512). Back then, mysteriously, taking both RAM modules out of the slots and plugging them back into the same ones helped. Quite interesting :D Could it be related? That it is now showing up this way.

Re: Resolving host

Posted: 13 Jan 2016 19:10
by Rudy
I doubt that would help. The problem back then could have been, for example, a bad contact.